On Monday 15 November 2010 04:55:58 Christian Kuersteiner wrote:
> On Thu, 2010-11-11 at 15:39 +0100, Michael Wiegand wrote:
> > I have just added a new change request regarding HTTP/HTTPS proxy support
> > in openvas-libraries (http://www.openvas.org/openvas-cr-51.html).
> >
> > I'd like to thank Christian Kuersteiner for the idea behind this change
> > request and for providing a working prototype as well. I've attached the
> > patch to this mail; please note that the control infrastructure contained
> > in the patch is not yet final and the patch currently only supports
> > proxies on localhost. This will of course change in the final version.
>
> Although I am one of the initiators of the change request I would like to
> give another thought for discussion.
>
> The CR handles proxying of HTTP/S requests. How about the support of
> proxies in general (i.e. SOCKS)? There was a recent discussion on the
> metasploit mailing list (http://seclists.org/metasploit/2010/q4/113)
> where there was the need to scan through an already compromised machine. I
> guess there might be other situations where scanning through a proxy
> might be useful. Of course, scanning through a proxy has some (quite
> severe) caveats but might be accurate and needed in certain situations.
>
> Another problem we face with the CR-51 patch is that it works just if
> the NVT uses the HTTP related functions from NASL (e.g.
> http_open_socket). If the programmer opens a socket for himself we
> cannot assure that it will be routed over the proxy. Again if we support
> proxies in general we would have a better way to route all traffic over
> the proxy.
>
> Any thoughts?

In principle it is desirable to be able to have a proxy that ultimately can
control the requests regardless of how the NASL script is implemented.

However, CR#51 is a feature that allows an NVT developer to make requests
manageable by a simple proxy. This feature is to some extent default
behaviour (i.e. using the standard NASL API for HTTP will use it). Only doing
lower level socket management will circumvent this.

So, I think CR#51 is a very valid feature request. A separate CR could try to
specify Christian's idea of a more mandatory proxy setup (also extending to
more than just HTTP).

Best

Jan

--
Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/
Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460
Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner